General
-
Target
cb60d56de32e6e0f4d462df6c60238fd_JaffaCakes118
-
Size
32KB
-
Sample
241206-gk3sxayqcp
-
MD5
cb60d56de32e6e0f4d462df6c60238fd
-
SHA1
b3602d7a5a7d2cda47fd21d24d696179d6ac29a8
-
SHA256
7371c735226fecf029ad5cd1529c9fc6e83b98d85fa438a7dd4a374509a08500
-
SHA512
4c89bcdaf1a4316badc99be44aa493e4fe9cde43626cf5c6e45c74e48f77281e477cb6850e8a022119364adeecac497260411adef06ee023437e32adb07c0a7f
-
SSDEEP
768:HnPNjyTesi5y7i15F6jy076K3LPR2AfBmXaqWEL:HnPNFd5t3M20+6wpqA
Behavioral task
behavioral1
Sample
cb60d56de32e6e0f4d462df6c60238fd_JaffaCakes118
Resource
debian12-mipsel-20240221-en
Malware Config
Extracted
mirai
UNSTABLE
cnctomecutie1337.mikeysyach.xyz
scanthembigbots.mikeysyach.xyz
Targets
-
-
Target
cb60d56de32e6e0f4d462df6c60238fd_JaffaCakes118
-
Size
32KB
-
MD5
cb60d56de32e6e0f4d462df6c60238fd
-
SHA1
b3602d7a5a7d2cda47fd21d24d696179d6ac29a8
-
SHA256
7371c735226fecf029ad5cd1529c9fc6e83b98d85fa438a7dd4a374509a08500
-
SHA512
4c89bcdaf1a4316badc99be44aa493e4fe9cde43626cf5c6e45c74e48f77281e477cb6850e8a022119364adeecac497260411adef06ee023437e32adb07c0a7f
-
SSDEEP
768:HnPNjyTesi5y7i15F6jy076K3LPR2AfBmXaqWEL:HnPNFd5t3M20+6wpqA
Score10/10-
Mirai family
-
Contacts a large (29425) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Writes file to system bin folder
-